package com.kakame.codenews.base.web.interceptor;

import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang3.StringUtils;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import com.kakame.codenews.base.util.SessionUtil;
import com.kakame.codenews.base.web.fast.mapping.common.User;

/**
 * <pre>
 * <b>desc:</b> 用户权限拦截器 
 * <b>auth:</b> 何家明
 * <b>date:</b> 2018年6月1日 上午10:23:06
 * </pre>
 */
public class AuthInterceptor implements HandlerInterceptor {
    private List<String> needFilterUrls;
    private List<String> excludeUrls;
    private String indexUrl;
    private String noEmailUrl;
    private String noAuthUrl;
    
    /**
     * 在调用controller方法前拦截
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        String requestPath = request.getRequestURI();// 用户访问的资源地址
        String contextPath = request.getContextPath();
        requestPath = requestPath.replace(contextPath, "");
        if (isInExcludeUrls(requestPath)) {
            return true;
        } else {
            if(isInNeedFilterUrls(requestPath)) {
                User currentUser = SessionUtil.getCurrentUser(request.getSession());
                if(currentUser == null) {
                    response.sendRedirect(contextPath + noAuthUrl);
                    return false;
                } else {
                    if (StringUtils.isBlank(currentUser.getUserEmail())) {  // 凡是没有进行邮箱验证的账号都不可以进行操作
                        response.sendRedirect(contextPath + noEmailUrl);
                        return false;
                    }
                }
            }
            return true;
        }
    }

    /**
     * 判断用户请求的路径是否在排除的路径内
     * @author 何家明 2018年7月8日 下午8:49:42
     * @param requestPath
     * @return
     */
    private boolean isInExcludeUrls(String requestPath) {
    	if(excludeUrls.contains(requestPath)) {
    		return true;
    	}
    	for (String excludeUrl : excludeUrls) {
            if(excludeUrl.contains("**")) {  // 子孙全匹配
                String urlPre = StringUtils.split(excludeUrl, "**")[0];
                if(StringUtils.contains(requestPath, urlPre)) {  // url以urlPre开头的请求都通过
                    return true;
                }
            }
        }
		return false;
	}

	/**
     * <pre>
     * <b>desc:</b> 判断用户请求的路径是否在需要进行过滤的路径内 
     * <b>auth:</b> ex-hejm
     * <b>date:</b> 2018年6月8日 下午1:17:00
     * </pre>
     * @param requestPath
     * @return
     */
    private boolean isInNeedFilterUrls(String requestPath) {
        for (String needFilterUrl : needFilterUrls) {
            if(needFilterUrl.contains("**")) {  // 子孙全匹配
                String urlPre = StringUtils.split(needFilterUrl, "**")[0];
                if(StringUtils.contains(requestPath, urlPre)) {  // url以urlPre开头的请求都不能通过
                    return true;
                }
            }
        }
        return false;
    }

    @Override
    public void postHandle(HttpServletRequest request,
            HttpServletResponse response, Object handler,
            ModelAndView modelAndView) throws Exception {
    }

    @Override
    public void afterCompletion(HttpServletRequest request,
            HttpServletResponse response, Object handler, Exception ex)
            throws Exception {
    }

    public List<String> getExcludeUrls() {
        return excludeUrls;
    }

    public void setExcludeUrls(List<String> excludeUrls) {
        this.excludeUrls = excludeUrls;
    }

    public String getIndexUrl() {
        return indexUrl;
    }

    public void setIndexUrl(String indexUrl) {
        this.indexUrl = indexUrl;
    }

    public String getNoEmailUrl() {
        return noEmailUrl;
    }

    public void setNoEmailUrl(String noEmailUrl) {
        this.noEmailUrl = noEmailUrl;
    }

    public String getNoAuthUrl() {
        return noAuthUrl;
    }

    public void setNoAuthUrl(String noAuthUrl) {
        this.noAuthUrl = noAuthUrl;
    }

    public List<String> getNeedFilterUrls() {
        return needFilterUrls;
    }

    public void setNeedFilterUrls(List<String> needFilterUrls) {
        this.needFilterUrls = needFilterUrls;
    }
}
